I feel like this should be obvious somehow, but I'm scratching my head. My basic question is: does firewalld apply rules in the order it finds them, à la iptables? Or does it do a best match? If it applies them in the order it finds them, how does it decide the order based on the zone files?
I.e., if I have a zone called "LAN" and I define it, for example, as having a source of 192.168.0.0/16, and then I make a zone called "VLAN20" and have it source from 192.168.20.0/24, which rule would get hit for a client 192.168.20.5?